da Agency

How partners can maximize their 2023 opportunity with the transformation cloud

The excitement at Next ‘22 this year was inescapable.  We celebrated a number of exciting announcements and wins that show where the cloud is heading, and what that means for our partners and customers.  As we close out 2022 and finalize our plans for 2023, I wanted to provide a perspective on the most important partner developments from the event to help you hit the ground running next year.Google Cloud’s transformation cloud was front and center throughout our entire event. This powerful technology platform is designed to accelerate digital transformation for any organization by bringing five business-critical capabilities to our shared customers:The ability to build open data clouds to derive insights and intelligence from data.Open infrastructure that enables customers to run applications and store data where it makes the most sense.A culture of collaboration built on Google Workspace that brings people together to connect and create from anywhere, enabling teams to achieve more.The same trusted environment that Google uses to secure systems, data, apps, and customers from fraudulent activity, spam, and abuse.And a foundational platform that uses efficient technology and innovation to drive cost savings and create a more sustainable future for everyone.More than just vision, the transformation cloud is delivering results today. British fashion retailer Mulberry and partner Datatonic have built data clouds to drive a 25% increase in online sales. Vodafone in EMEA is working with our partner Accenture to migrate and modernize its entire infrastructure.  Hackensack Meridian Health in New Jersey is working with partner Citrix to leverage our infrastructure and Google Workspace to modernize its systems, enable collaboration, reduce costs, bolster security, and provide better patient and practitioner experiences. Many more transformation stories are available here and in our partner directory.For our partners, the transformation cloud is your customer satisfaction engine. It enables you to bring new capabilities to market that customers cannot get anywhere else – from overcoming challenges around organizational management, to demand forecasting, supply-chain visibility, and more – all of this is possible only with the capability of our Data, AI/ML, collaboration and security tools.Thomas Kurian and Kevin Ichhpurani provided excellent insight and guidance for partners looking to begin, or accelerate, their journey with the transformation cloud in their Next ‘22 partner keynote. Briefly, here are the three steps partners can take now to set themselves up for success in 2023:Customers expect you to be deeply specialized in cloud solutions and their business Customers have made it clear they expect to work with partners who are deeply knowledgeable about the technology solutions and foundational elements of the transformation cloud. Just as important, it’s no longer good enough for partners to offer a small group of highly trained individuals to do it all. Customers need deep cloud expertise within specific business functions and even within global regions. They need people who know how to leverage our cloud solutions to achieve great outcomes for finance departments, human resources, customer service, operations, and more. And more than that, customers need people who are also experts at driving these kinds of transformations within regional environments defined by unique policies, compliance requirements, and even cultural issues. This is a tall order, but it’s absolutely critical to your growth and success. This is why Google Cloud is investing in the tools, training, and support you need to expand your bench of trained and certified individuals.Second, increase your focus on consumption and service delivery to land and expand opportunities.The demand here is significant and growing. In its 2022 Global IT Market Outlook, analyst firm Canalys stated that partner-delivered IT products and services will account for more than 73% of the total global IT market this year and into next year (about even with its 2021 forecast, which suggests that services remain in high demand). This includes managed services such as cloud infrastructure and software services, managed databases, managed data warehouses, managed analytic tools, and more. These are high-margin endeavors for partners. Equally important, these kinds of services allow your customers to shift their people from managing technology to managing and growing the business.As Thomas Kurian said during his Next ‘22 remarks, Google Cloud is not in the services business–that’s the domain of our partners. We are a product and technology company. This is why we have a partner-led service delivery commitment, and a goal of bring partners into 100% of customer engagements. Third, we are investing to help Google Cloud partners drive consumption and new business. We know you are focused on growing your customer engagements and accelerating customers’ time to value. We’re here to support you:Our Smart Analytics platform is a key market differentiator that enables partners to tap into the fast growing Data & Analytics market, which is expected to hit $500B by 2024.1We are investing $10 billion in cybersecurity and our recent acquisition of Mandiant extends our leadership in this area by combining offense and defense in powerful new ways.Governments worldwide are looking for sovereign cloud solutions to meet their security, privacy, and digital sovereignty requirements. Google Cloud has a highly differentiated solution in this area, and partnerships are critical. We are driving to validate all of our ISV partner solutions through our Cloud Ready – Sovereign Solutions initiative.We are providing increasing resources and support to help partners embed the capabilities of Google Workspace in their solutions.We continue to allow customers to buy partner solutions and decrement their commits just like with Google Cloud products.You’ll see more from us on all of this in kick off 2023. The opportunity to prosper – Google, partners, and customers alike – is tremendous. I’ve never been more excited about the year ahead.1. IDC Forecast Companies to spend 342 B on AI Solutions in 2021Related ArticleWhat’s next for digital transformation in the cloudGoogle Cloud ’Next 22 is here! Check out the official kickoff blog and hear from our CEO, Thomas Kurian, on new customer wins, partnershi…Read Article
Quelle: Google Cloud Platform

da Agency

3 key cloud adoption trends in migrating and modernizing workloads

In the past few years, organizations have weathered unprecedented change as they have had to adapt to macro-economic, political, and societal challenges. These challenges are not going away—the business outlook remains uncertain with ongoing concerns, including inflation, supply chain disruptions, and rising energy prices.

Microsoft believes the best way to prepare for this uncertainty is for organizations to do more with less—less complexity and cost, with more agility, resilience, and innovation. This means applying digital capabilities to extend what organizations can achieve amidst today’s constraints.

Moving workloads to the cloud provides more flexibility for organizations to align their IT investments with business needs while benefiting from cloud economies of scale. Modern infrastructure and cloud capabilities can also free up an organization’s IT workforce to focus on workloads and applications that are most meaningful to their customers.

To get a deeper understanding of the challenges faced by our customers and their plans around cloud adoption, Microsoft commissioned a global survey with more than 1200 IT decision makers.

The study revealed three key cloud adoption trends:

1. Cloud adoption plans remain integral to strategies in uncertain business climates

The survey found 62 percent of organizations have a migration and modernization strategy in place, showing the increasing importance of cloud adoption in IT transformation. Their top motivators are reducing total business costs, future proofing business strategy, and driving revenue growth. The survey also showed security, business continuity (BC), disaster recovery (DR), and scalability as top benefits desired from cloud migrations. That said, we expect that returns on investment (ROI) considerations will remain top of mind in the near term as customers prioritize cloud initiatives for implementation—be it optimizing their existing cloud workloads or moving additional workloads. This increased attention on cost optimization and the rise of financial operations teams (FinOps) is also echoed in the Flexera state of the cloud 2022 report, where for the sixth year in a row, optimizing the existing use of cloud (cost savings) was the top initiative, followed by migrating more workloads to the cloud.

Organizations are considering cloud adoption plans holistically across their entire IT infrastructure to better prepare for what’s next. Of the organizations we surveyed, the number who have more than half of their workloads in the cloud will grow from 27 percent to 47 percent over the next 18 months with investments spanning both business-critical and non-business critical workloads. Furthermore, the survey found organizations with a cloud migration and modernization strategy are 58 percent more likely to be ‘cloud-only’ (all or almost all applications and workloads running in the cloud) three years from now.

2. Modernization is a key focus for digital transformation

82 percent of surveyed organizations said migrating to the cloud is a steppingstone towards digital transformation. Migration is about getting workloads to the cloud—and modernization is about refactoring existing applications and workloads to take full advantage of cloud-native technologies like Platform-as-a-Service (PaaS) or containers. Those surveyed told us 74 percent of workloads that have already migrated are candidates for modernization—modernizing workloads helps opens the door to digital transformation whether it’s speeding up product innovation cycles or personalized end-user experiences.

3. Hybrid and multicloud interoperability and integration are expected

Organizations continue to embrace multicloud and are looking for cross-cloud management and interoperability from their cloud providers. Underscoring our recent research on hybrid and multicloud earlier this year, customers surveyed want to retain investment flexibility along with best-of-breed cloud capabilities with 71 percent to continue implementing a hybrid or multi-cloud strategy.

Complexities of cloud-to-cloud integration, refactoring existing applications, and integration with legacy backends are a few of the barriers that can slow down cloud adoption. So, it’s no surprise that support from a dedicated migration and modernization team was ranked highest in surveyed customers’ wish list from cloud vendors. Post migration support, access to engineering resources, and help with technical skilling were other key areas that emerged from the survey.  These findings present significant implications for cloud providers as they define programs and investments to assist customers during uncertain times.

How Microsoft Azure can help customers with cloud migration and modernization efficiently

We have been on our own digital transformation journey since Microsoft began migrating on-premises workloads to the cloud in 2014. We have been transforming our IT footprint using built-in tools and data insights that Azure provides to optimize costs (such as Azure Advisor, Azure Cost Management and Billing, and Azure Monitor) and reinvesting in modernization for business growth. Today more than 95 percent of our workloads run on the cloud, and while our yearly budget for Azure has remained constant since 2014, Microsoft has grown by more than 20 percent. Our own journey and learnings inform how we can empower customers to best meet their current and future technology needs.

Our customers choose Azure as their platform of choice to meet their goals today and to build for the future tomorrow.

Fiserv, a global fintech and payment company, improved their payment processing infrastructure to simplify operations bringing benefits such as risk reduction and cost savings. Perrigo, a worldwide producer and supplier of consumer self-care products for businesses, unlocked agility and flexibility through streamlined finance workloads to build a single source of truth for finance. The Bank of Angola became the first bank in Angola to embrace digitization by moving to the cloud to innovate and improve processes and infrastructure. O2 Czech Republic, the leading telecommunications company in the Czech Republic, saw a 30 percent total cost of ownership (TCO) savings for every workload they moved while enhancing security and scaling their entertainment business.

We continue to invest deeply in helping our customers do more with less and get the most out of their Azure investments with our solutions.

Today we’re announcing a new total cost of ownership (TCO) or business case capability to help customers estimate how much they can save by migrating their Windows Server and SQL Server estate to Azure. This will be available within Azure Migrate, our free self-service migration tool that allows organizations to plan and execute their move to Azure. Try out this new capability and share your feedback.
Customers can optimize their cloud investments with our unique offers and pricing benefits. With unique offers like the Azure Hybrid Benefit (save costs by reusing software assurance enabled Windows, Server SQL Server, Red Hat Enterprise Linux, and SUSE Linux licenses on Azure) and Extended Security Updates (free only on Azure), it’s up to 80 percent less expensive to run Windows Server and SQL Server VMs on Azure than it is with our main competitor. With Azure savings plan for compute, customers can significantly reduce resource costs by up to 65 percent compared to pay-as-you-go prices.
The Azure Migration and Modernization Program (AMMP) offers customers the right mix of expert help to reduce migration costs and accelerate their move—including technical skilling, engineering resources, specialized partners, and cost-effective incentives so customers are holistically set up for success.

At Microsoft, we are committed to helping our customers be successful, drive strong business outcomes and get the most out of their cloud investments, especially in challenging environments like today’s.

Learn more about some of our updates and other key cloud trends in my fireside chat with Dave McCarthy, Research Vice President, Cloud and Edge Infrastructure Services at IDC, where we discussed industry trends around cloud adoption, and the whitepaper on “The Business value of Migrating and Modernizing with Microsoft Azure."

Dive deeper into our global survey findings and methodology by downloading the full report here.

Sources: Flexera 2022 State of the Cloud Report: Cloud Migration Stats—2022 Flexera State of the Cloud Report IDC.

The Business Value of Migrating and Modernizing with Azure, sponsored by Microsoft Azure, #US49665122 Published: 9/24/2022.
Quelle: Azure

da Agency

Microsoft Azure's defense in depth approach to cloud vulnerabilities

Our digital world is changing, with more persistent, sophisticated, and driven cybercriminals. As risks increase and threats compound, trust is more important than ever. Customers need to be able to trust in the technology platforms they invest in to build and run their organizations. As one of the largest cloud service providers, we build trust by helping our customers be secure from the start and do more with the security of our cloud platforms that’s built in, embedded, and out of the box.

Our security approach focuses on defense in depth, with layers of protection built throughout all phases of design, development, and deployment of our platforms and technologies. We also focus on transparency, making sure customers are aware of how we’re constantly working to learn and improve our offerings to help mitigate the cyberthreats of today and prepare for the cyberthreats of tomorrow.

In this blog, we highlight the extensive security commitments from our past, present, and into the future, as well as where we see opportunities for continued learning and growth. This piece kicks off a 4-part Azure Built-In Security series intended to share lessons we’ve learned from recent cloud vulnerabilities and how we're applying these learnings to ensure our technologies and processes are secure for customers. Transparently sharing our learnings and changes is part of our commitment to building trust with our customers, and we hope it encourages other cloud providers to do the same.

Past, present, and future of our security commitments 

For decades Microsoft has been, and continues to be, deeply focused on customer security and improving the security of our platforms. This commitment is evident in our long history of leading security best practices from our on-premises and software days to today’s cloud-first environments. A shining example of this is when in 2004, we pioneered the Security Development Lifecycle (SDL), a framework for how to build security into applications and services from the ground up whose influence has been far reaching. SDL is currently used as the basis for built-in security in key initiatives including international application security standrards (ISO/IEC 27034-1) and the White House’s Executive Order on Cyber Security.

As security leaders and practitioners know though, security’s job is never done. Constant vigilance is vital. This is why Microsoft currently invests heavily in internal security research as well as a comprehensive bug bounty program. Internally, Microsoft boasts more than 8,500 security experts constantly focused on vulnerability discovery, understanding attack trends and addressing patterns of security issues. Our world-class security research and threat intelligence helps protect customers, Microsoft, open-source software, and our industry partners alike.

We also invest in one of the industry’s most proactive Bug Bounty Programs. In 2021 alone, Microsoft awarded $13.7 million in bug bounties across a broad range of technologies. An emerging trend over the last year has been an uptick in externally reported vulnerabilities impacting several cloud providers, including Azure. While vulnerabilities are not uncommon across the industry, as a leading cloud provider and the number one security vendor, Microsoft is of greater interest to researchers and security competitors alike. This is why our public bounty program was the first to include cloud services, beginning in 2014, and in 2021 we further expanded the program to include higher rewards for cross-tenant bug reports. As anticipated, this clearly drew even more external security researcher interest in Azure, culminating in multiple cross-tenant bug bounties being awarded. Regardless of the reasons, these findings helped further secure specific Azure services and our customers.

Finally, we firmly believe that security is a team sport, and our focus on collaboration is evidenced in our contributions to the security ecosystem, such as our involvement in the NIST Secure Software Development Framework (SSDF), and improving the security posture of Open Source Software (OSS) through our $5 million investment in the OpenSSF Alpha-Omega project.

Our commitment to security is unwavering, as seen in our decades-long leadership of SDL to present day vulnerability discovery, bug bounty programs, collaboration contributions, and continues well into the future with our commitment of investing more than $20 billion over five years in cybersecurity. While building-in security from the start is not new at Microsoft, we understand the security landscape is continually changing and evolving, and with it so should our learnings.

Our latest learnings and improvements for a more secure cloud

At Microsoft, a core part of our culture is a growth mindset. Findings from internal and external security researchers are critical to our ability to further secure all our platforms and products. For each report of a vulnerability in Azure, we perform in-depth root cause analysis and post-incident reviews whether discovered internally or externally. These reviews help us reflect and apply lessons learned, at all levels of the organization, and are paramount to ensuring that we constantly evolve and build in security at Microsoft.

Based on the insights we’ve gained from recent Azure vulnerability reports, we are improving in three key dimensions. These developments enhance our response process, extend our internal security research, and continually improve how we secure multitenant services.

1. Integrated response

Several lessons from the past year focused our attention in areas we recognize the need to improve, such as accelerating response timelines. We are addressing this throughout our Integrated Response processes and unifying internal and external response mechanisms. We started by increasing both the frequency and scope of our Security LiveSite Reviews at the executive level and below. We are also improving the integration of our external security case management and our internal incident communication and management systems. These changes reduce mean time to engagement and remediation of reported vulnerabilities, further refining our rapid response. 

2. Cloud Variant Hunting

In response to cloud security trends, we have expanded our variant hunting program to include a global and dedicated Cloud Variant Hunting function. Variant hunting identifies additional and similar vulnerabilities in the impacted service, as well as identify similar vulnerabilities across other services, to ensure discovery and remediation is more thorough. This also leads to a deeper understanding of vulnerability patterns and subsequently drives holistic mitigations and fixes. Below are a few highlights from our Cloud Variant Hunting efforts:

In Azure Automation we identified variants and fixed more than two dozen unique issues.
In Azure Data Factory/Synapse we identified significant design improvements that further harden the service and address variants. We also worked with our supplier, and other cloud providers, to ensure that risks were addressed more broadly.
In Azure Open Management Infrastructure we identified multiple variants, our researchers published CVE-2022-29149, and we drove the creation of Automatic Extension Upgrade capabilities to reduce time to remediate for customers. Our Automatic Extension Upgrade feature is already benefiting Azure Log Analytics, Azure Diagnostics, and Azure Desired State Configuration customers.

Additionally, Cloud Variant Hunting proactively identifies and fixes potential issues across all our services. This includes many known as well as novel classes of vulnerabilities, and in the coming months we will share more details of our research to benefit our customers and the community at large

3. Secure multitenancy

Based on learnings from all our security intelligence sources, we continue to evolve our Secure Multitenancy requirements as well as the automation we use at Microsoft to provide early detection and remediation of potential security risk. As we analyzed Azure and other cloud security cases over the last couple of years, both our internal and external security researchers have found unique ways to break through some isolation barriers. Microsoft invests heavily in proactive security measures to prevent this, so these new findings helped determine the most common causes and ensure we were committed to addressing them within Azure through a small number of highly leveraged changes.

We are also doubling down on our defense in depth approach by requiring and applying even more stringent standards for Compute, Network, and Credential isolation across all Azure services, especially when consuming third-party or OSS components. We are continuing to collaborate with the OSS community, such as PostgreSQL, as well as other cloud providers, on features which are highly desirable in multitenant cloud environments. 

This work has already resulted in dozens of distinct findings and fixes with the majority (86 percent) attributed to our specific improvements in Compute, Network, or Credential isolation. Among our automation improvements, we are extending internal Dynamic Application Security Tests (DAST) to include more checks for validating Compute and Network isolation as well as adding net new runtime Credential isolation check capabilities. In parallel, our security experts continue to scrutinize our cloud services, validate they meet our standards, and innovate new automated controls for the benefit of our customers and Microsoft.

From the cloud security’s shared responsibility model, we recommend our customers use the Microsoft cloud security benchmark to improve their cloud security posture. We are developing a set of new recommendations focusing on multi-tenancy security best practices and will publish that in our next release.

In short, while Microsoft has a long and continued commitment to security, we are continually growing and evolving our learnings as the security landscape also evolves and shifts. In this spirit of constant learning, Microsoft is addressing recent Azure cloud security issues by enhancing secure multitenancy standards, expanding our cloud variant hunting capacity, and developing integrated response mechanisms. Our enhancements, and the scale of our security efforts, further demonstrate our leadership and decades-long commitment to continual improvement of our security programs and raising the bar for security industry-wide. We continue to be committed to integrating security into every phase of design, development, and operations so that our customers, and the world, can build on our cloud with confidence.

Learn more

Follow the Microsoft Security Response Center blog for our latest security research findings.
Learn more about how Microsoft Azure can help strengthen your security posture.
To learn more about our responses to cloud security updates, read our blogs: the Anatomy of a Cloud-Service Security Update and Anatomy of a Security Update.

Quelle: Azure

da Agency

Fähigkeiten von Elastic Load Balancing für die Verfügbarkeit von Anwendungen

Wir freuen uns, vier neue Fähigkeiten von Elastic Load Balancing bekannt zu geben, die die Verfügbarkeit Ihrer Anwendungen weiter verbessern werden. AWS bietet mehrere Bausteine, wie Regionen und Availability Zones, damit Sie Ihre Anwendungen so entwerfen können, dass sie von verschiedenen Arten von Ausfällen isoliert sind. Ab heute bieten wir zusätzliche Funktionen an, mit denen Sie definieren können, wie sich Ihre Anwendungen im Fall von Ausfällen verhalten sollen, sowie eine Funktion, die zu einer schnelleren Wiederherstellung beiträgt. Diese neuen Funktionen umfassen:
Quelle: aws.amazon.com